Rebecca MacKinnon's postings about work, reading, and ideas from 2004-2011.

November 16, 2011

Last month the U.S. Trade Representative Ron Kirk sent a letter to the Chinese government requesting information about its censorship practices. The middle kingdom’s response: a polite middle finger. Foreign ministry spokeswoman Jiang Yu declared that Chinese censorship follows “international practice.”

Her response is specious given that China operates the world’s most elaborate and opaque system of Internet censorship, as I describe in Chapter 3 of my forthcoming book. Yet Congress has been hard at work to bolster its legitimacy, however inadvertently. The reality is that the PROTECT IP Act now in the Senate, and a new House version called Stop Online Piracy Act (SOPA), would bring key features of China’s Great Firewall to America. Read my opinion piece in the New York Timesfor more details on how these bills would implement technical and legal solutions that would have the unfortunate result of making the Internet everywhere more like the Chinese Internet.

The House Judiciary Committee will hold a hearing on SOPA at 10am on Wednesday morning (a few hours from now). It will be webcast live on the committee website. The video should also be archived there after the event.

Opposition to SOPA is widespread, bipartisan, and international. The Center for Democracy and Technology is collecting links to blog posts, articles, as well as letters of opposition from human rights groups, Internet engineers, law professors, Internet companies, public interest advocates, consumer rights groups, among others. Allan Friedman at the Brookings Institution has an excellent paper explaining how SOPA and PROTECT IP will make the Internet less secure, sabotaging engineers' long-running efforts to increase the level of security in the global domain name system.

The New America Foundation (where I am a senior fellow) has signed an open letter to the House Judiciary Committee, along with a list of human rights, civil liberties and public interest groups. It argues:

We do not dispute that there are hubs of online infringement. But the definitions of the sites that would be subject to SOPA’s remedies are so broad that they would encompass far more than those bad actors profiting from infringement. By including all sites that may – even inadvertently – “facilitate” infringement, the bill raises serious concerns about overbreadth. Under section 102 of the bill, a nondomestic startup video-sharing site with thousands of innocent users sharing their own noninfringing videos, but a small minority who use the site to criminally infringe, could find its domain blocked by U.S. DNS operators. Countless non-infringing videos from the likes of aspiring artists, proud parents, citizen journalists, and human rights activists would be unduly swept up by such an action. Furthermore, overreach resulting from bill is more likely to impact the operators of smaller websites and services that do not have the legal capacity to fight false claims of infringement.

In Chapter 7 I describe my experience testifying at a March 2010 House Foreign Relations Committee hearing chaired by Rep. Howard Berman (D-CA). Berman happens to be one of SOPA’s key sponsors. While the hearing’s stated purpose was to discuss Google’s decision to halt censorship in China and how the United States can support global Internet freedom, committee members devoted considerable time to chastising a Google executive for failing to sufficiently police uploads to YouTube for infringing content. By their standards, YouTube and other similar user-driven sites clearly fall short of SOPA’s requirements. As I point out in the book, The cognitive dissonance on display at that hearing highlighted an inconvenient reality: politicians throughout the democratic world are pushing for stronger censorship and surveillance by Internet companies to stop the theft of intellectual property. They are doing so in response to aggressive lobbying by powerful corporate constituents without adequate consideration of the consequences for civil liberties, and for democracy more broadly.

The public interest letter details some of those consequences:

Relying on an even broader definition of “site dedicated to theft of US property,” section 103 of SOPA creates a private right of action of breathtaking scope. Any rightsholder could cut off the financial lifeblood of services such as search engines, user-generated content platforms, social media, and cloud-based storage unless those services actively monitor and police user activity to the rightsholder’s satisfaction.

In my op-ed I conclude:

The potential for abuse of power through digital networks — upon which we as citizens now depend for nearly everything, including our politics — is one of the most insidious threats to democracy in the Internet age. We live in a time of tremendous political polarization. Public trust in both government and corporations is low, and deservedly so. This is no time for politicians and industry lobbyists in Washington to be devising new Internet censorship mechanisms, adding new opportunities for abuse of corporate and government power over online speech. While American intellectual property deserves protection, that protection must be won and defended in a manner that does not stifle innovation, erode due process under the law, and weaken the protection of political and civil rights on the Internet.

I am not against copyright or intellectual property protection - I'm about to publish a copyrighted book. I hope that people will buy it. Its quality owes a great deal to the editors and other professionals whose job it was to help me shape and refine my argument, and to improve my prose. But I don't believe that the defense of my copyright should come at the expense of civil liberties. It is a moral imperative for democracies to find new and innovative ways to protect copyright in the Internet age without stifling the ability of citizens around the world to exercise their right to freedom of speech and assembly on the Internet.

September 27, 2010

We will promote new tools of communication so people are empowered to connect with one another and, in repressive societies, to do so with security. We will support a free and open Internet, so individuals have the information to make up their own minds. And it is time to embrace and effectively monitor norms that advance the rights of civil society and guarantee its expansion within and across borders.

It appears that "in repressive societies" was an important qualifier when it comes to the question of who does or doesn't deserve access to secure communications tools. He apparently supports helping Chinese dissidents and Iranian activists communicate with one another in a secure manner that evades government surveillance. But if his administration gets its way, Americans may lose the ability to evade surveillance in their own country. According to today's New York Times, the Obama administration plans to propose legislation requiring all digital communications services to enable interception of user communications. We haven't seen any draft text, but based on what the article says, it appears that services based on end-to-end encryption - and which are thus designed to be un-tappable - would effectively become illegal in the United States. This is particularly ironic given that the United States government helps to fund anonymity tools like Tor.

Civil liberties groups, human rights activists, and other supporters of free speech have been quick to voice their concerns. Here are a few choice excerpts:

...In the past ten years, even as the U.S. government has sought (or simply taken) vastly expanded surveillance powers, it never attempted to ban the development and use of secure encryption.

Now the government is again proposing to do so, following in the footsteps of regimes like the United Arab Emirates that have recently said some privacy tools are too secure and must be kept out of civilian hands.

Glen Greenwald puts it bluntly: "the U.S. Government is taking exactly the position of the UAE and the Saudis: no communications are permitted to be beyond the surveillance reach of U.S. authorities."

Cato's Julian Sanchez points out that requiring service providers to "design their systems for breach" is "massively stupid from a security perspective":

.. while the Communications Assistance for Law Enforcement Act (CALEA) already requires phone and broadband providers to build in interception capacity at their network hubs, this proposed requirement—at least going on the basis of the press description, since there’s no legislative text yet—is both broader and more drastic. It appears that it would apply to the whole panoply of online firms offering secure communication services, not just big carriers, imposing a greater relative burden. More importantly, it’s not just mandating that already-centralized systems install a government backdoor. Rather, if I understand it correctly, the proposal would insist on a centralized(and therefore less secure) architecture for secure communications, as opposed to an end-to-end model where encryption is handled client-side. In effect, the government is insisting on the right to make a macro-design choice between competing network models for thousands of companies.

In other words, the whole industry - at least all parts of the industry interested in legally serving American customers and users - would have to bake surveillance capability into their architecture. This in turn will make it even easier for all kinds of regimes to track online conversations, and provides precedent for all governments to ban encryption themselves - effectively killing the President's dream that "people in repressive societies" could connect with one another "with security."

Greenwald and others point out that the New York Times report is even more alarming when read alongside today's Washington Post report that the Obama administration wants to require U.S. banks to report all transfers being made in and out of the country, no matter how small. Greenwald writes:

Leave aside the fact that endlessly increasing government surviellance is not only ineffective in detecting Terrorist plots and other crimes, but isactually counterproductive, as it swamps the Government with more data than it can possibly process and manage. What these Obama proposals illustrates is just how far we've descended in the security/liberty debate, where only the former consideration has value, while the latter has none. Whereas it was once axiomatic that the Government should not spy on citizens who have done nothing wrong, that belief is now relegated to the civil libertarian fringes. Concerns about privacy were once the predominant consensus of mainstream American political thought.

This Bill would give the Attorney General the power to blacklist domain names of sites “offering or providing access to” unauthorized copyrighted works “in complete or substantially complete form, by any means, including by means of download, transmission, or otherwise, including the provision of a link or aggregated links to other sites or Internet resources for obtaining such copies for accessing such performance or displays”; as well as those offering items with counterfeit trademarks. The AG could obtain court orders, through “in rem” proceedings against the domains, enjoining the domain name registrars or registries from resolving the names. Moreover, in the case of domains without a U.S. registrar or registry, other service providers, financial transaction providers, and even advertising servers could be caught in the injunctive net.

While the Bill makes a nod to transparency by requiring publication of all affected domain names, including those the Department of Justice “determines are dedicated to infringing activities but for which the Attorney General has not filed an action under this section,” it then turns that information site into a invitation to self-censorship, giving legal immunity to all who choose to block even those names whose uses’ alleged illegality has not been tested in court. (Someone who is listed must petition, under procedures to be determined by the AG, to have names removed from the list.)

Finally, the statute’s warped view — that allegations of infringement can only be good — is evident in the public inputs it anticipates. The public and intellectual property holders shall be invited to provide information about “Internet sites that are dedicated to infringing activities,” but there is no provision for the public to complain of erroneous blockage or lawful sites mistakenly or maliciously included in the blacklist.

Hollywood likes the Bill. Unfortunately, there’s plenty of reason to believe that allegations of infringement will be misused here in the United States. Even those who oppose infringement of copyright and trademark (myself included) should oppose this censorious attempt to stop it.

Internet governance expert Milton Mueller calls it the Great Firewall of America. The EFF says the bill "runs roughshod over freedom of speech on the Internet" is "designed to undermine basic Internet infrastructure," and "sends the world the message that the United States approves of unilateral Internet censorship."

A Senate staffer told me today that it's meant to be a "jobs bill" - to defend American industry against job losses caused by intellectual property violations.

The free and open Internet is threatened by authoritarian governments, it goes without saying. But we have an even bigger problem when the elected leaders of democracies, in pursuing various aspects of "the national interest" - national security, law enforcement, child protection, intellectual property protection, et cetera - repeatedly turn to solutions that are inimical to the survival of a free and open global Internet.

How do we break this vicious cycle? Until we do, we shouldn't be surprised when beleaguered dissidents in repressive regimes don't trust us. Expect to see a lot more critiques like "The Internet Freedom fallacy" by Global Voices Advocacy director and exiled Tunisian activist Sami Ben Gharbia.

March 14, 2010

Over the past two weeks I've testified in both the Senate and the House on how the U.S. should advance "Internet freedom." I submitted written testimony for both hearings which can be downloaded in PDF form here and here. Full transcripts will become available eventually but meanwhile you can click here to watch the Senate video and here to watch the House video. In both hearings I advocated a combination of corporate responsibility through the Global Network Initiative backed up by appropriate legislation given that some companies seem reluctant to hold themselves accountable voluntarily; revision of export controls and sanctions; and finally, funding and support for tools, and technologies and activism platforms that will counter-act suppression of online speech.

(1) award competitive, merit-reviewed grants, cooperative aggreements, or contracts to private industry, universities, and other research and development organizations to develop deployable technologies to defeat Internet suppression and censorship; and(2) award incentive prizes to private industry, universities, and other research and development organizations to develop deployable technologies to defeat Internet suppression and censorship.

(b) LIMITATION ON AUTHORITY. - Nothing in this Act shall be interpreted to authorize any action by the United States to interfere with foreign national censorship in furtherance of law enforcement aims that are consistent with the International Covenant on Civil and Political Rights.

Whoever runs this foundation will have their work cut out for them in sorting out its strategies, goals, and priorities - and dealing with a great deal of thorny politics. The Falun Gong-affiliated Global Internet Freedom Consortium have been arguing that they were unfairly passed over for recent State Department grants which were given to other groups working on different tools that help you get around Internet blocking - "circumvention tools" as the technical community call them. For the past year they've been engaged in an aggressive campaign to lobby congress and the media to ensure they'll get a slice of future funds. (For examples of the fruits of their media lobbying effort see here, here, and here).

But the unfortunate bickering over who deserves government funding more than whom has distracted attention from the larger question of whether circumvention on its own is sufficient to defeat Internet censorship and suppression of online speech. In his recent blog post, Internet Freedom: Beyond Circumvention my friend and former colleague Ethan Zuckerman warns against an over-focus on circumvention: "We can’t circumvent our way around internet censorship." In short, he summarizes his main points:

- Internet circumvention is hard. It’s expensive. It can make it easier for people to send spam and steal identities.- Circumventing censorship through proxies just gives people access to international content – it doesn’t address domestic censorship, which likely affects the majority of people’s internet behavior.- Circumventing censorship doesn’t offer a defense against DDoS or other attacks that target a publisher.

While circumvention tools remain worthy of support as part of a basket of strategies, I agree with Ethan that circumvention is never going to be the silver bullet that some people make it out to be, for all the reasons he outlines in his blog post, which deserves to be read in full. As Ethan points out, as I pointed out in my own testimony, and as my research on Chinese blog censorship published last year has demonstrated, circumvention does nothing to help you access content that has been removed from the Internet completely - which is the main way that the Chinese government now censors the Chinese-language Internet. In my testimony I suggested several other tools and activities that require equal amount of focus:

Tools and training to help people evade surveillance, detect spyware, and guard against cyber-attacks.

Mechanisms to preserve and re-distribute censored content in various languages.

Platforms through which citizens around the world can share "opposition research" about what different governments are doing to suppress online speech, and collaborate across borders to defeat censorship, surveillance, and attacks in ad-hoc, flexible ways as new problems arise during times of crisis.

As Ethan puts it:

- We need to shift our thinking from helping users in closed societies access blocked content to helping publishers reach all audiences. In doing so, we may gain those publishers as a valuable new set of allies as well as opening a new class of technical solutions.

- If our goal is to allow people in closed societies to access an online public sphere, or to use online tools to organize protests, we need to bring the administrators of these tools into the dialog. Secretary Clinton suggests that we make free speech part of the American brand identity – let’s find ways to challenge companies to build blocking resistance into their platforms and to consider internet freedom to be a central part of their business mission. We need to address the fact that making their platforms unblockable has a cost for content hosts and that their business models currently don’t reward them for providing service to these users.

Which brings us to the issue of corporate responsibility for free expression and privacy on the Internet. I've been working with the Global Network Initiative for the past several years to develop a voluntary code of conduct centered on a set of basic principles for free expression and privacy based on U.N. documents like the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and other international legal conventions. It is bolstered by a set of implementation guidelines and evaluation and accountability mechanisms, supported by a multi-stakeholder community of human rights groups, investors, and academics all dedicated to helping companies do the right thing and avoid making mistakes that restrict free expression and privacy on the Internet.

So far, however, only Google, Microsoft, and Yahoo have joined. Senator Durbin's March 2nd Senate hearing focused heavily on the question of why other companies have so far failed to join, what it would take to persuade them to join, and if they don't join whether laws should be passed that induce greater public accountability by companies on free expression and privacy. He has written letters to 30 U.S. companies in the information and communications technology (ICT) sector. He expressed great displeasure in the hearing with most of their responses, and further disappointment that no company (other than Google which is already in the GNI) even had the guts to send a representative to testify in the hearing. Durbin announced that he will "introduce legislation that would require Internet companies to take reasonable steps to protect human rights or face civil or criminal liability.” It is my understanding that his bill is still under construction, and it's not clear when he will introduce it (he's been rather preoccupied with healthcare and other domestic issues, after all). Congressman Howard Berman (D-CA), who convened Wednesday's House Foreign Affairs Committee hearing is also reported to be considering his own bill. Rep. Chris Smith (R-NJ), the ranking Republican at that hearing, made a plug for the Global Online Freedom Act of 2009, a somewhat revised version of a bill that he first introduced in 2006.

I said at the hearing that the GNI probably wouldn't exist if it hadn't been for the threat of Smith's legislation. I was not, however, asked my opinion on GOFA's specific content. Since GOFA's 2006 introduction I have critiqued it a number of times (see for example here, here, and here). As the years have passed - especially in the past year as the GNI got up and running yet most companies have still failed to engage meaningfully with it - I have come to see the important role legislation could play in setting industry-wide standards and requirements, which companies can then tell governments they have no choice but to follow. That said, I continue to have concerns about parts of GOFA's approach. Here is a summary of the current bill written by the Congressional Research Service (I have bolded the parts of concern):

5/6/2009--Introduced. Global Online Freedom Act of 2009 - Makes it U.S. policy to: (1) promote the freedom to seek, receive, and impart information and ideas through any media; (2) use all appropriate instruments of U.S. influence to support the free flow of information without interference or discrimination; and (3) deter U.S. businesses from cooperating with Internet-restricting countries in effecting online censorship. Expresses the sense of Congress that: (1) the President should seek international agreements to protect Internet freedom; and (2) some U.S. businesses, in assisting foreign governments to restrict online access to U.S.-supported websites and government reports and to identify individual Internet users, are working contrary to U.S. foreign policy interests. Amends the Foreign Assistance Act of 1961 to require assessments of electronic information freedom in each foreign country. Establishes in the Department of State the Office of Global Internet Freedom (OGIF). Directs the Secretary of State to annually designate Internet-restricting countries. Prohibits, subject to waiver, U.S. businesses that provide to the public a commercial Internet search engine, communications services, or hosting services from locating, in such countries, any personally identifiable information used to establish or maintain an Internet services account. Requires U.S. businesses that collect or obtain personally identifiable information through the Internet to notify the OGIF and the Attorney General before responding to a disclosure request from an Internet-restricting country. Authorizes the Attorney General to prohibit a business from complying with the request, except for legitimate foreign law enforcement purposes. Requires U.S. businesses to report to the OGIF certain Internet censorship information involving Internet-restricting countries. Prohibits U.S. businesses that maintain Internet content hosting services from jamming U.S.-supported websites or U.S.-supported content in Internet-restricting countries. Authorizes the President to waive provisions of this Act: (1) to further the purposes of this Act; (2) if a country ceases restrictive activity; or (3) if it is the national interest of the United States.

My biggest concern has to do with the relationship GOFA would create between U.S. companies and the U.S. Attorney General. If the AG is made arbiter of whether content or account information requested by local law enforcement is for "legitimate law enforcement purposes" or not, that means the company has to share the information - which in the case of certain social networking services may include a great deal of non-public information about the user, who his or her friends are, and what they're saying to each other in casual conversation. Letting the U.S. AG review the insides of this person's account would certainly violate that user's privacy. It also puts companies at a competitive disadvantage in markets where users - even those who don't particularly like their own government - would consider an overly close relationship between a U.S. service provider and the U.S. government not to be in their interest. Take this hypothetical situation for example: An Egyptian college student decides to use a social networking site to set up a group protesting the arrest and torture of his brother. The Egyptian government demands the group be shut down and all account information associated with it handed over. In order to comply with GOFA, the company shares this student's account information and all content associated with that protest group with the U.S. Attorney General. What is the oversight to ensure that this information is not retained and shared with other U.S. government agencies interested in going on a fishing expedition to explore friendships among members of different Egyptian opposition groups? Why should we expect that user to be ok with such a possibility?

Another difficult issue to get right - which gets even harder with the advent of cloud computing - is the question of where user data is physically housed. The Center for Democracy and Technology,(PDF), Jonathan Zittrain and others have discussed some of the regulatory difficulties of personally identifiable information and its location. In 2008 Zittrain wrote:

As Internet law rapidly evolves, countries have repeatedly and successfully demanded that information be controlled or monitored, even when that information is hosted outside their borders. Forcing US companies to locate their servers outside IRCs [Internet Restricting Countries] would only make their services less reliable; it would not make them less regulable.

If the goal of GOFA is to discourage US companies from violating human rights, then it will probably be successful. But if the goal of the Act is to make the Internet more free and more safe, and not just push rights violations on foreign companies, then more must be done.

Then there is the problem of Internet Restricting Country designations themselves. I have long argued that it is problematic to divide the world into "internet restricting countries" and countries where we can assume everything is just fine, not to worry, no human rights concerns present. First of all I think that the list itself is going to quickly turn into a political and diplomatic football which will be subject to huge amounts of lobbying and politics, and thus will be very difficult to add new countries to the list. Secondly, regimes can change fast: in between annual revisions of the list you can have a coup or a rigged election whose victors demand companies to hand over dissident account information and censor political information, but companies are off the hook - having "done nothing illegal." Finally, while I am not drawing moral equivalence between Italy and Iran I do believe there is no country on earth, including the United States, where companies are not under pressure by government agencies to do things that arguably violate users' civil rights. Policy that acknowledges this honestly is less likely to hurt U.S. companies in many parts of the world where the last thing they need is for people to be able to provide "documentary proof" that they are extensions of the U.S. government's geopolitical agendas.

Therefore a more effective, ethically consistent and less hypocritical approach to the three problems I've described above would be to codify strict global privacy standards absolutely everywhere U.S. companies operate. Companies should be required by law to notify all users anywhere in the world in a clear, culturally and linguistically understandable way (not by trained lawyers but by normal people), exactly how and where their personally-identifying information is being stored and used and who has access to it under what circumstances. If users are better informed about how their data is being used, they can use better judgment about how or whether to use different commercial services - and seek more secure alternatives when necessary, perhaps even using some of the new tools and platforms run by non-profit activist organizations that Congress is hoping to fund. Congress could further bolster the privacy of global users of U.S. services by adopting something akin to the Council of Europe Privacy Convention.

Regarding censorship: again, as the Internet evolves further with semi-private social networking sites and mobile services we need to make sure that the information companies are required to share with the U.S. government doesn't end up violating user privacy. I am doubtful that government agenices in some of the democracies unlikely to be put on the "internet restricting countries" list can really be trusted not to abuse the systems of censorship and intermediary liability that a growing number of democracies are implementing in the name of legitimate law enforcement purposes. Thus on censorship I also prefer global standards. There is real value in making companies retain internal records of the censorship requests that they receive all around the world in the event of a challenge in U.S. court regarding the lawfulness of a particular act of censorship - a private right of action in U.S. court which GOFA or its equivalent would potentially enable. It's also good to make companies establish clear and uniform procedures for how they handle censorship requests, so that they can prove if challenged in court that they are only responding to requests made in writing through official legal channels, rather than responding to requests that have no basis even in local law, despite claiming vaguely to the public that "we are only following local law." Companies should be required to exercise maximum transparency with users about what is being censored, at whose behest, and according to which law exactly. Congress could, for example, mandate that the Chilling Effects Clearinghouse mechanism or something similar should be utilized globally for all content takedowns.

March 10, 2010

I'm back on Capitol Hill today to testify in the House of Representatives Foreign Affairs Committee. My full written testimony submitted for the record is here. The hearing will be webcast live on the House Foreign Relations Committee website here, and I believe the video will be archived on that page as well.

Yesterday members of the House launched an Internet Freedom Caucus and the Senate will be launching one as well later this month. Later this week I will write up my thoughts about Washington's recent flurry of activity on "Internet Freedom," including various efforts at legislation, funding to fight censorship and surveillance, and voluntary industry codes like the Global Network Initiative (with which I am actively involved). Meanwhile, here are the details of today's hearing:

Full Committee

Howard L. Berman (D-CA), Chairman

The Google Predicament:Transforming U.S. Cyberspace Policy to Advance Democracy, Security, and Trade

You are respectfully requested to attend the following open hearing of the
Full Committee to be held in Room 2172 of the Rayburn House Office Building.

March 01, 2010

At 10:00am Eastern Standard Time on Tuesday I will be testifying in my first Senate hearing. Each witness gets five minutes to make an oral statement, followed by Q&A. We were also invited to provide longer written
testimony for the record.

The Senate Committee on the Judiciary, Subcommittee on Human Rights
and the Law, will hold a hearing entitled "Global Internet Freedom and
the Rule of Law, Part II" on Tuesday, March 2, 2010 at 10:00 a.m. in
Room 226 of the Senate Dirksen Office Building.

Chairman Durbin will preside.

By order of the Chairman

Witness List

Hearing before the
Senate Committee on the Judiciary
Subcommittee on Human Rights and the Law

It appears that quite a lot of people in China watched the live video stream. The links to the text, video, and an ad-hoc Chinese translation - published through Google Docs, no less - are also circulating widely.

Beijing is 12 hours ahead of Washignton and people are just getting up over there. Once more people have had time to read, watch and react, it will be interesting indeed to see what they have to say - and to what extent people's reactions get censored on Chinese domestic blog-hosting platforms, Baidu, etc.

On Twitter, blogger Lianyue offered his prediction for how the Chinese Foreign Ministry will respond: "1. The Chinese Internet is the freest of all. 2. Opinions not in agreement with #1 have violated Chinese national conditions and do not respect Chinese law, so we have the right to shut them down."

it’s encouraging to see Clinton and the State Department unambiguously on the right side of these issues. It’s hard to know whether there’s any concrete implications to these words today beyond a worthy set of aspirations. Here’s hoping the next step is a conversation about how we would move from the right intentions to real-world outcomes, not just on censorship, but on the provocative idea of the “freedom to connect” and the vision of a “new nervous system for the planet.”

It’s thrilling that a Secretary of State would claim “freedom to connect” as a basic human right. That’s a very bit [I think he meant "big"-RM] stake in the ground. Likewise, it’s sort of amazing that the State Department is funding the development of tools to help users circumvent government restrictions on access. On the negative side, it’s distressing (but not surprising) that the Secretary of State should be come against anonymity so we can track down copyright infringers. Of course, in response to a question she said that we have to strike a balance so that the anonymity of dissenters is protected even as the anonymity of file sharers is betrayed. I just don’t know how you do that.

I too thought Clinton's speech was a very welcome - even exciting - commitment by the Obama administration to advance and protect a single, free and open Internet. But like David I agree the most difficult part going forward won't be supporting circumvention tools for dissidents in obviously un-free nations. As I've been saying in numerous articles, blog posts, interviews, and panels over the past week, I think the toughest work will be in coordinating U.S. domestic and foreign policies so that you don't have some policies advancing Internet freedom while other policies - especially on copyright, child protection, crime, and terror - end up sending a very different kind of message about American priorities. It's easy to criticize Iran and China for censorship but much trickier to work with Italy, France, and a wide range of other U.S. allies and close trade partners to ensure that policies and laws surrounding Internet regulation and governance don't end up being counterproductive, despite being well-intentioned in the short term.

January 19, 2010

Secretary of State Hillary Clinton plans to give a big speech about Internet freedom on Thursday. People are calling on her to speak loudly against Chinese censorship and stand firm for free speech on the Chinese Internet - and elsewhere like Iran. I've been invited to attend and I'm also going to be on a post-game analysis panel. But before the fun and games begin, I might as well add my two cents to the suggestion pile.

The wrong message for Clinton to give on Thursday would be something to the effect of: "Never fear, netizens of China, America is here to free you!"

My dream speech would be about how the Internet poses a challenge to all governments and most companies (except those companies like Google whose business is built around that challenge). I would call on all governments to work together with citizens, companies and each other to build a globally interconnected, free and open network that enhances the lives of everybody on the planet, enables commerce and innovation by big and small players alike, makes everybody richer and freer, and improves all governments' relations with their citizens by making government more transparent, efficient, and thus more credible and legitimate.

I would quote Benjamin Franklin, who wrote in 1759: “Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.”

The speech would remind us all that all power corrupts and absolute power corrupts absolutely, and that American democracy was built on this assumption. The Internet empowers governments and law enforcement agencies as well as citizens, upstart candidates, and dissidents. I would emphasize that the great challenge of our generation - as far as freedom is concerned - is to rediscover the right balance in the Internet age between society's need for security on the one hand, and the imperative of human rights and free expression on the other. Authoritarian nations obviously don't have the balance right which is why we consider them repressive. No democracy ever stops arguing internally about where the balance should be. But I would be honest about the fact that right now the world's democracies are arguing fiercely within and sometimes amongst themselves about where the right balance point should be in the Internet age. Wouldn't it be just so wonderful if the United States could take the lead in being honest rather than acting like the Lone Ranger on a white horse, much to the derision and cynicism of all my friends back in Asia, including the ones who hate their own governments?

The problem of censorship and surveillance is obviously many magnitudes worse when these things happen without a democratic political system, independent courts, and a free press. But as I've written here and here, I'm concerned that in the name of protecting children, fighting terror and preserving the intellectual property and pre-Internet business models of companies with deep pockets and powerful lobbies, Western democracies are going too far in enabling censorship and surveillance, in a way that in turn empowers and justifies what the Chinese and other authoritarian governments are doing. A few years ago China used to deny censoring because it wasn't something a government wanted to admit in polite company. Now they proudly respond to questions about their Internet policies along the lines of: "We're merely exercising our sovereign right just like everybody else. F-off."

The U.S. congress is getting energized again to make it illegal for U.S. companies to cooperate with surveillance in "internet-restricting countries" (an ever-growing list which - depending on how you define "internet-restricting" which one could argue over endlessly - includes a growing number of democracies and close U.S. trade partners). Yesterday Glenn Greenwald brought up a chillingly ironic fact about corporate collaboration with surveillance in America:

all of the sponsors of the pending bill to ban American companies from collaborating with domestic Internet spying in foreign countries -- the inspirationally-named Global Online Freedom Act of 2009 -- voted in favor of the 2008 bill to legalize what had been the illegal warrantless interception of emails and to immunize telecoms which helped our own government break the law in how it spied on Americans.

I will leave it there, and cross my fingers for Thursday. Meanwhile if you want a warm-up, I'll be speaking on a panel with Evgeny Morozov, Jim Fallows, Tim Wu and Sec. Clinton's special adviser Alec Ross at the New America Foundation tomorrow morning at 9:30am Eastern. The live webcast will be here.